Invention Grant
US09444830B2 Web server/web application server security management apparatus and method
有权
Web服务器/ Web应用服务器安全管理设备和方法
- Patent Title: Web server/web application server security management apparatus and method
- Patent Title (中): Web服务器/ Web应用服务器安全管理设备和方法
-
Application No.: US14477986Application Date: 2014-09-05
-
Publication No.: US09444830B2Publication Date: 2016-09-13
- Inventor: Jong-Myoung Kim , Jaeseo Lee , SuYong Kim
- Applicant: ELECTRONICS AND TELECOMMUNICATIONS RESEARCH INSTITUTE
- Applicant Address: KR Daejeon
- Assignee: ELECTRONICS AND TELECOMMUNICATIONS RESEARCH INSTITUTE
- Current Assignee: ELECTRONICS AND TELECOMMUNICATIONS RESEARCH INSTITUTE
- Current Assignee Address: KR Daejeon
- Agency: LRK Patent Law Firm
- Priority: KR10-2014-0029376 20140313
- Main IPC: H04L12/00
- IPC: H04L12/00 ; H04L29/06
Abstract:
A security management apparatus and method for a web server/web application server is provided. The security management apparatus includes a connection state table storage unit for, as a web client accesses a web server/web application server, storing connection state information, an access time, and a connection policy. A connection state information inspection unit inspects whether current connection state information is present in connection state information of the connection state table storage unit in which the connection policy is set to blocking. If current connection state information is not present, a web session reuse attack determination unit determines whether a current connection is a web session reuse attack. If the current connection is not the web session reuse attack, an attack pattern analysis unit analyzes whether an attack pattern is present. A blocking unit blocks a connection between the web client and the web server/web application server.
Public/Granted literature
- US20150264067A1 WEB SERVER/WEB APPLICATION SERVER SECURITY MANAGEMENT APPARATUS AND METHOD Public/Granted day:2015-09-17
Information query
